I have a customer who is seeing an SSL exploit on his Java SE 6 Application. I don't have details yet from her, but she defined the event as one related to an exploit in OpenSSL. Are the javax.ssl.ssl libraries based on source code from the OpenSSL libraries?